PHP Classes

File: ProtectedContent.php

Recommend this page to a friend!
  Classes of Claudius Tiberiu Iacob   Authenticator_ciacob   ProtectedContent.php   Download  
File: ProtectedContent.php
Role: Example script
Content type: text/plain
Description: See "HoToInstall.txt" for info
Class: Authenticator_ciacob
Register and authenticate users
Author: By
Last change: Changed File Role.
Date: 14 years ago
Size: 2,910 bytes
 

Contents

Class file image Download
<?php
   
require_once ('domit/xml_domit_include.php');
    require_once (
'ParamsProxy.php');
    require_once (
'UTF8.php');
    require_once (
'DbProxy.php');
    require_once (
'Authenticator.php');

   
/**
    * Checks whether we are logged in. This is done by attempting to trade our cached session unique id
    * for a new one:
    *
    * <new session id> = Authenticator::getInstance()->authenticate (<old session id>);
    */
   
function attemptToLoginFromCache () {
       
$isAuthenticated;
       
$newSessionData;
       
$cachedSessionData = trim ($_COOKIE["AuthenticatorDemo"]);
        if (!empty (
$cachedSessionData)) {
           
$newSessionData = Authenticator::getInstance()->authenticate ($cachedSessionData);
           
$isAuthenticated = !is_numeric ($newSessionData);
        }
        if (
$isAuthenticated) {
           
storeSessionData ($newSessionData);
        } else {
           
// If authentication fails, you may want to test the value returned. For instance, you
            // may test it against these constants:
            //
            // - Authenticator::SESSION_UID_EXPIRED
            // - Authenticator::INVALID_SESSION_UID
            // - Authenticator::IP_HAS_CHANGED
            //
            // You could then print error messages to the user, instead of just redirecting him.
           
header ('Location: ../AuthenticatorDemo.php');
            exit ();
        }
    }

   
/**
    * Ends the current session on demand. This is done as:
    *
    * Authenticator::getInstance()->unAuthenticate (<session unique id>);
    */
   
function endSession () {
       
$cachedSessionData = trim ($_COOKIE["AuthenticatorDemo"]);
       
Authenticator::getInstance()->unAuthenticate ($cachedSessionData);
    }

   
/**
    * Stores the session unique id on the client machine.
    *
    * The session lifetime is limited by the Authenticator module, internally. If you use a
    * cookie as the local storage medium, give it a long lifetime. This will rule out potential
    * issues. In this demo, we make the cookie last one day, although our Authenticator is
    * configured to allow 15 minutes per session at most.
    */
   
function storeSessionData ($sessionData) {
       
$cookieExpireTime = (time() + 86400);
       
$cookiePath = '/';
       
setcookie ('AuthenticatorDemo', $sessionData, $cookieExpireTime, $cookiePath);
    }

   
// This code is run as the page loads...
   
$action = trim ($_POST['action']);
    if (
$action == 'Logout') {
       
endSession ();
    }
   
attemptToLoginFromCache ();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
    "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
  <head>
    <title>ProtectedContent</title>
  </head>
    <body>
        <h2>Protected Content</h2>
        <p>This is a sample page holding <em>protected</em> content. This page cannot be loaded in
        your browser without prior authenticating with your username and password.</p>
        <hr />
        <form action="" method="post">
            <p>
                <input type="submit" name="action" value="Logout" />
            </p>
        </form>
    </body>
</html>